CVE-2015-0239

Impact:
Low
Public Date:
2015-01-27
CWE:
CWE-391
Bugzilla:
1186448: CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code
It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the SYSENTER model-specific registers (MSRs). Note: Certified guest operating systems for Red Hat Enterprise Linux with KVM do initialize the SYSENTER MSRs and are thus not vulnerable to this issue when running on a KVM hypervisor.

Find out more about CVE-2015-0239 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue did not affect the kvm packages as shipped with Red Hat Enterprise Linux 5 as they lack support for sysenter instruction emulation.

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7. A future update may address this issue.

Please note that the Red Hat Enterprise Linux with KVM certified guest operating
systems do initialize the SYSENTER MSRs and are thus not vulnerable to
this issue when running on KVM hypervisor.

CVSS v2 metrics

Base Score 6.2
Base Metrics AV:L/AC:H/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity High
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (kernel) RHSA-2015:1272 2015-07-20
Red Hat Enterprise Linux 7 (kernel) RHSA-2015:2152 2015-11-19

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel-rt Not affected
Red Hat Enterprise Linux 5 kvm Not affected

Acknowledgements

Red Hat would like to thank Nadav Amit for reporting this issue.
Last Modified